[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Linux, VPN and ARP
Had same problem what I find out is that the kernel is issuing icmp redirects to tell the client to use the real IP address You can try to suppress them using type a "echo 0 > /proc/sys/net/ipv4/conf/ethx/send_redirects" (where ethx is the interface on which you make proxy arp) to null all that. BTW, I was not able to test it because I set up static routes on my internal machines to the IP Nat pool, so I am interested in the result of the test, if any. Siegfried > -----Original Message----- > From: [email protected] [SMTP:[email protected]] > Sent: Wednesday, May 09, 2001 10:39 AM > To: [email protected] > Subject: RE: [FW1] Linux, VPN and ARP > > > > > Hi Ian, > > > For RedHat 7.0 put all ARP statements in rc.local. This will ensure they > > are executed on a reboot. The "arp -s <ip> <mac> -i eth1 pub" is the > > syntax, but these arp entries have to be in rc.local. > > are you sure? I know that after a reboot all "manual" made arp entries will be > gone and therefore rc.local might > be a tplace where to put. > But my problem is that even after using "arp -s <ip> <mac> -i eth1 pub" it > doesn> ´t work :-( > Can you confirm that after seting up the arp entry on a usual linux box it > responds to e.g. ping to the "new" ip-address? > > Regards, > Marco > > > > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|